From the course: CISSP Cert Prep (2021): 5 Identity and Access Management

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Password authentication protocols

Password authentication protocols

From the course: CISSP Cert Prep (2021): 5 Identity and Access Management

Start my 1-month free trial

Password authentication protocols

- [Instructor] Many access control systems rely upon password-based mechanisms to implement something you know security. One of the most common applications of password security is to secure virtual private networks and other remote access technologies. Let's take a look at the protocols used to implement remote access password security. The Password Authentication Protocol, or PAP, is the earliest of these protocols. In this protocol, the client wishes to authenticate to a server, and both the client and the server know the user's password. The client simply transmits the username and password to the server and the server validates the password. That's about as simple as it gets and successfully implements password authentication. But there's a major flaw to this approach. PAP does not use any encryption to protect the communication. Anyone able to eavesdrop on the connection can read the username and password from the…

Contents